class Admin::SessionsController < ApplicationController
  skip_before_filter :require_login, only: [:new, :create]

  def index
  end

  #GET  /admin/session/new    new    -> login
  def new
  end

  #POST /admin/session        create  -> do login
  def create
    user = Users.authenticate(params[:email], params[:password])
    if user
      session[:user_id] = user.id
      render json: {msg:'login ok',status:true}
      #redirect_to root_path
    else
      render json: {msg:'Email or password is wrong',status:false}
    end
  end

  #GET  /admin/session        show    -> show current login
  def show

  end

  #PUT  /admin/session        update   -> update session(update password)
  def update

  end

  #DELETE /admin/session      destroy  -> logout
  def destroy
    session[:user_id] = nil
    render json: {}
  end
end
